9.3

CVE-2007-0947

Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, resulting in accessing deallocated memory of CMarkup objects, aka the second of two "HTML Objects Memory Corruption Vulnerabilities" and a different issue than CVE-2007-0946.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftInternet Explorer Version6
   MicrosoftWindows 2003 Server Versionsp1
   MicrosoftWindows 2003 Server Versionsp2
   MicrosoftWindows Vista
   MicrosoftWindows Xp Updatesp2
MicrosoftInternet Explorer Version7.0
   MicrosoftWindows 2003 Server Versionsp1
   MicrosoftWindows 2003 Server Versionsp2
   MicrosoftWindows Vista
   MicrosoftWindows Xp Updatesp2
MicrosoftInternet Explorer Version6
   MicrosoftWindows 2003 Server Versionsp1
MicrosoftInternet Explorer Version7.0
   MicrosoftWindows 2003 Server Versionsp1
MicrosoftInternet Explorer Version6
   MicrosoftWindows 2003 Server Versionsp2
MicrosoftInternet Explorer Version7.0
   MicrosoftWindows 2003 Server Versionsp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 31.97% 0.981
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/468871/100/200/threaded
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027
http://secunia.com/advisories/23769
Patch
Vendor Advisory
http://www.securitytracker.com/id?1018019
http://www.vupen.com/english/advisories/2007/1712
Vendor Advisory
http://secunia.com/secunia_research/2007-36/advisory/
Patch
Vendor Advisory
http://www.osvdb.org/34403
http://www.securityfocus.com/bid/23772
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/33256
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2048